South Korean Finance Ministry Targeted By Chinese Hackers

The compromised computers, located at the finance ministry headquarters in Gwacheon, south of Seoul, were attacked in early February. Intelligence authorities are conducting a probe, the officials said.

"The computers were apparently attacked by Chinese hackers," a ministry official said on condition of anonymity. "An investigation is still under way to figure out how much information has been compromised." He quoted a source from the National Intelligence Service as saying that the hackers might be "working for the Chinese government." NIS officials could not be reached for comment.

The incident came before South Korean President Lee Myung-bak and his Chinese counterpart, Hu Jintao, held their first summit talks this year on the sidelines of the G-20 gathering in London last week.

[...]The hackers reportedly sent an e-mail to an unspecified number of ministry employees that appeared to be from one of their colleagues.

Many of them opened it without any suspicion, activating surreptitious software that allowed the hackers to gain access, the official explained.

The finance ministry has been attempting to strengthen its Internet firewall since late last year by making officials use two separate computers -- one used only for Web access and another for working on documents -- so that information cannot be leaked through the network.

The so-called "network separation" plan has reduced the number of information leaks "significantly," the ministry said.

"(The leak) happened before the project was completed," another ministry official said. "We have enforced the separated use of computers since April 1. It would be difficult for such a case to happen again." However, experts worry that classified information could be leaked even under the tightened security system, as hackers continue to use more sophisticated methods.